Script to start minion in tmux

Minion is a security project from Mozilla (link). It provides a user-friendly web interface to various security scanner tools. There is a webcast demonstrating the software (link). The software requires a few services to run, and since I like having one script take care of starting everything with the right parameters, I threw together a simple shell script that sets up a tmux session with the services started in windows with the names of the services.


How to break down CIDR subnets in Bash

I was playing around with subnets in bash recently and needed an elegant/easy way to split up a subnet into smaller subnets. First I used 2 functions I found on stackoverflow.com to convert an IP address to and from an integer. After that it was just a bit of math in bash to split up any networks too big. Any network larger than $maxSubnet gets split up. Here is the useful code:

Output of script:

 


How to get the intersecting area of two polygons in MySQL

I was playing around with spatial features of MySQL this weekend and stumbled into a problem where I was looking for the area of two rectangles that overlap.  MySQL provides a function to check if they overlap, but no function to extract the region that overlaps. I’ve never written a stored routine in MySQL before, so I decided it would be a good exercise to try making one. As you can see the function is pretty straightforward and it assumes you are working with rectangles, but other than that it does what it is supposed to. You pass the function 2 polygons (e.g. Intersection(a.poly,b.poly)), and it returns the intersecting area […]


Picture galleries from trips this summer

Since we are going on a small vacation tomorrow I wanted to get a couple picture galleries up before I start filling my drive up with new pictures. These are all from small trips/excursions we took over the summer. Unfortunately no pictures from the canoe on the St. Croix River.


How to find the fingerprints of public keys in authorized_keys

If you use keys for SSH authentication (and you should) then you have probably run into the situation that the auth.log shows that someone logged in, even which local user was used (e.g. root), but you have no idea which of the keys in ~/.ssh/authorized_keys was used. The first step you can do to see what is going on is increasing the log level of the SSH daemon: /etc/ssh/sshd_config

That will spit out the fingerprint of the SSH key used to log in. Example log entry for a successful login:

Now that we have the fingerprint of the ssh key used to login, we will need ssh-keygen to […]


How to check if an IP (IPv4) address is valid in pure Bash

Here is a small bash function to check if an IP is valid (4 octets, each octet < 256). I find it somewhat elegant since instead of using a lot of case/if/then constructs or a crazy long regex it splits the IP into each octet (and stores them in an array), and then uses a combination of regex and bit shifting to check each octet.

The function will return 0 if the IP is valid, and 1 or higher if it encountered an error (you can check with the $? variable directly after calling the function). Example:


silica.dopefish.de – catching data leaks

I was testing a PHP script for security flaws today and needed a way to check if it was possible to “accidentally” leak sensitive data to an external server. So I threw together a small script to save the contents of the $_SERVER, $_COOKIE, $_POST and $_GET arrays and dump them in a file. Since it worked so well I decided to leave the site online. Why did I call it silica? Because silica gel absorbs and stores fluids like this website absorbs information thrown at it. How to use it? Just get your application to connect to silica.dopefish.de instead of where it intended to connect to (by overwriting variables, […]


Updated OSSEC Web UI 0.3 files for OSSEC 2.6

OSSEC is an open source HIDS (Host-based Intrusion Detection System), and a pretty darn good one too. It also has a simple web front-end to view what’s going on, search through alerts and stuff like that  (called OSSEC Web UI, I’ll just call it “WUI” here). Unfortunately the code is a bit outdated (the last official update was from 2008 as far as I can tell) and it doesn’t support newer features of OSSEC like polling data from a database. Something I’d like to tackle if I find the time 😉 The latest version of OSSEC is 2.6, and due to some small changes to the format of the logs WUI no […]


Wireshark Version 1.8.0 released

A new version of Wireshark was released yesterday (1.8.0), head on over to http://www.wireshark.org/download.html to download it for your OS. New and updated features since version 1.6: Wireshark supports capturing from multiple interfaces at once. You can now add, edit, and save packet and capture file annotations. Wireshark, TShark, and their associated utilities now save files using the pcap-ng file format by default. (Your copy of Wireshark might still use the pcap file format if pcap-ng is disabled in your preferences.) Decryption key management for IEEE 802.11, IPsec, and ISAKMP is easier. OID resolution is now supported on 64-bit Windows. The “Save As” menu item has been split into “Save As”, which lets you […]


How to use Cluster SSH (cssh) and Mosh together

A colleague told me about mosh today, just saying “it’s an alternative to SSH that addresses many of the problems” doesn’t do it credit. Go look at the page and have a look, don’t worry it’s a nice page and I’ll still be here waiting when you come back. I do a lot of work on servers across the globe, and believe me, although subtle, the difference between a 10ms connection and a 100+ ms connection is definitely noticeable 😉 That lag all but disappears with mosh. Mosh doesn’t support X11/SSH-Agent forwarding yet, but it’s on their roadmap. Back to topic, I also use cssh for working on multiple servers simultaneously. I’d recommend making a copy of your […]


Playing around with Exim, Spamassassin, DKIM and SPF

I was playing around with my mail server today and decided to have a look at DKIM and SPF. Jump to the bottom for some useful links. You will have to be able to change TXT entries for your domain/subdomains to do any of this. Sending a mail to check-auth@verifier.port25.com will generate an auto-reply with the result of your mail server's settings. I also noticed that Exim wasn’t listening to the IPv6 interface and promptly fixed that, and have received my first mail via IPv6. Some spamassassin scores for your local/user settings:

SPF:
Syntax: http://www.openspf.org/SPF_Record_Syntax
Tools & Information: http://www.openspf.org/
Wizard: http://www.spfwizard.net/

DKIM:
Exim walkthrough: http://mikepultz.com/2010/02/using-dkim-in-exim/
Domain specific settings: http://www.debian-administration.org/users/lee/weblog/41
Tools: http://dkimcore.org/tools/
Wizard: https://www.port25.com/dkim-wizard/


New Virtualbox version, script for easy update of extension pack

VirtualBox 4.1.10 was released yesterday with a few nice things in the changelog. Updating virtualbox itself is easy, just download the package and update it. Since I seem to stumble over the update of the extension pack every time (on my headless system) I thought I’d write a small script this time so I don’t have to rethink it next time (automatically downloads and installs the current extpack):

 


Floor plans for PAYDAY Map “Diamond Heist”

I’ve played PAYDAY the last few weeks, it is a 4 player CO-OP FPS (think of Left 4 Dead in a different setting). One of the maps has caused me a bit of difficulty (Diamond Heist). There is an achievement called “Are Those The Blue Ones?” where you have to collect all the sapphires before the alarm goes off, and I kept forgetting where they were. Also keeping track of the cameras was a bit of a pain, so today I threw them all together on a map for easier reference (right-click “Save link as …” to download):

Graphics sources:
http://www.overkillsoftware.com/payday/
http://openclipart.org/detail/125695/diamant–diamond-by-lmproulx
http://openclipart.org/detail/31891/surveillance-camera-by-maxim2


New Server (with IPv6)

I got a new server and I finished moving everything to the new hardware this week. If you notice anything behaving strange just drop me a note. I also set up IPv6 on all my VMs so will be playing around with that a bit. It’s a shame that hardly any providers give customers IPv6 addresses, migrating from IPv4 to IPv6 will take forever if none of the users can use them (and in the meantime IPv4 addresses are getting more and more expensive for me). The new server is from hetzner since I have been very satisfied with them in the past. Impressive hardware features for low prices and (what […]


How to add locking to a shell script (the easy way)

I haven’t posted anything with bash here for a while, so today I’ll throw in a little snippet to use flock to make sure a script is only running once.  This is very handy in cron jobs that you want to run often, but there shouldn’t be multiple instances of the script running at the same time. Since it is small and easy I’d recommend adding it to any code you don’t want running multiple times since “that script” you just wrote, that runs 10 minutes now, might turn into a monster in 6 months and run 45 minutes when things change (data grows, more stuff to do).  Better safe than sorry. […]


Playing around with DD-WRT

I’m currently playing around with my two WL-330GE access points from ASUS (see an older posting). Since that posting I was a bit creative using the existing ethernet cabling and ports in the apartment to be able to retire the WiFi bridge without having any cable going through the apartment. So I decided to use the two access points for something more useful. I’m playing around with dd-wrt to build configurations to use them as WiFi probes (for an IDS), or as Rogue Access Points (for demonstration purposes and to test wireless IDS solutions).  I might compile my own dd-wrt version for the rogue version, there are a few things I miss to build […]


How to make a wonderful cookie dessert in a skillet

A few weeks ago I stumbled across this recipe for making a cookie in a skillet http://www.sophistimom.com/one-pan-skillet-cookie and shared it with a few people because I thought it looked cool. My wonderful wife then put “skillet” on our shopping list because she knows I can’t resist cookies, and yesterday we tried out the recipe. It was easy and tasted wonderful 🙂 Below are some pics of the treat.


How to increase Fraps performance with a ramdisk

I recently started playing Battlefield 3 and remembered that I have a Fraps license so I installed it and started recording some stuff. Unsurprisingly the performance made a big dip when I recorded. A glance at my PC told me the hard drive was at fault, probably bringing the whole system down due to IO. Since my PC has more than enough RAM I decided to set up a 5Gb Ramdisk to see if that helped. It did, when writing the video files to the ramdisk I hardly had any performance hit. Unfortunately 5GB isn’t going to last long while recording 1920×1080 @ 40FPS (a few minutes footage at most). Here is my little […]


Yellowstone and Grand Teton Parks

A few weeks ago we traveled a bit west and visited the Yellowstone and Grand Teton National Parks, I’ve finally gotten around to sorting through the pictures and uploading a few (well, actually a lot). I didn’t get around to editing and stitching the panorama photos together yet, or doing anything interesting with the GPS data of our hikes yet. If I get that done I’ll probably update this posting.


rcon.c source code (for linux)

Searching for a linux command line rcon tool can be a bit of a pain: dead links, outdated versions not working anymore, stuff written in php …. yeah. The only version I could find was stuck in a cache of an old webpage. So here is my mirror of the http://www.asyserver.com/~cstrike/rcon.c file that currently gives you a “404, File not found” error. Hopefully this will help anyone trying to find a working version via google and is frustrated with the results. Download, compile, happiness ensured. http://www.dopefish.de/files/rcon.c
